/**配置OAuth2资源服务器（Resource Server）,即受保护的服务
 * 1.核心依赖：spring-cloud-starter-oauth2（含spring-cloud-starter-security和spring-security-jwt）
 * 2.启动类main上@EnableResourceServer注解之，标明该服务受到保护
 * 3.建立@Configuration注解的Resource Server配置文件，继承ResourceServerConfigurerAdapter，覆写其中至少一个方法，以配置验证规则
 *   1）configure(HttpSecurity http) 用来配置哪些服务需要怎样的验证方式
 * 4.在yml中配置security.oauth2.resource.user-info-uri属性，指向验证user的地址
 *  Token验证流程：OAuth2AuthenticationProcessingFilter#->OAuth2AuthenticationManager.authenticate->RemoteTokenServices.loadAuthentication
 * ->/oauth/check-token -> RemoteTokenServices.loadAuthentication ->tokenConverter.extractAuthentication -> userTokenConverter.extractAuthenticatio
 */
package com.example.demoauthservice;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.cloud.commons.security.AccessTokenContextRelay;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.cloud.openfeign.EnableFeignClients;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.token.AccessTokenProviderChain;
import org.springframework.security.oauth2.client.token.AccessTokenRequest;
import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
import org.springframework.security.oauth2.common.AuthenticationScheme;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.client.RestTemplate;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

@SpringBootApplication
@EnableEurekaClient
@EnableFeignClients     //用于实现微服务之间的调用
public class DemoAuthServiceApplication {

    @FeignClient(name="auth-internal-service")
    public interface RepositoryFeign{
        @RequestMapping(value = "/repository/{id}",method = RequestMethod.GET)
        String getRepository(@PathVariable("id") String id);
    }
    @Bean
    RestTemplate restTemplate() {
        return new RestTemplate();
    }

    public static void main(String[] args) {
        SpringApplication.run(DemoAuthServiceApplication.class, args);
    }


}
